Open
Cached
·
just now
83/100
SECURITY SCORE
Certificate Information
Subject
C=RU, ST=Saint Petersburg, L=Saint Petersburg, O=V Kontakte LLC, CN=*.mvk.com
Issuer
C=BE, O=GlobalSign nv-sa, CN=GlobalSign RSA OV SSL CA 2018
Valid From
October 17, 2025
Valid Until
March 11, 2026
41 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
61:A1:DA:0B:71:05:50:9B:BB:4C:35:5A:57:67:2F:D2:BF:6C:A6:E6:A1:2D:D6:E0:8F:51:FD:4E:A7:CA:53:FC
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=15768000
Content-Security-Policy
Basic
default-src; script-src; style-src; +1 more
default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://yandex.ru https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com https://*.vkvideo.ru 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com https://*.vkvideo.ru 'self' 'unsafe-inline';report-uri /csp
X-Frame-Options
Good
sameorigin
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
50 domains
mvk.com
*.mvk.com
storage.mvk.com
*.pfm.mvk.com
*.s3.mvk.com
*.storage-stage.mvk.com
*.storage.mvk.com
s3.storage-stage.mvk.com
*.s3.storage-stage.mvk.com
*.admin.cs7777.vk.com
*.api.cs7777.vk.com
*.away.cs7777.vk.com
*.cabinet.vkvideo.cs7777.vk.com
cs7777.vk.com
*.cs7777.vk.com
*.dev.cs7777.vk.com
eh.cs7777.vk.com
*.eh.cs7777.vk.com
*.id.cs7777.vk.com
*.login.cs7777.vk.com
*.m.cs7777.vk.com
*.m.vkvideo.cs7777.vk.com
*.me.cs7777.vk.com
*.ms.cs7777.vk.com
*.oauth.cs7777.vk.com
sport.m.vkvideo.cs7777.vk.com
*.sport.m.vkvideo.cs7777.vk.com
*.sport.vkvideo.cs7777.vk.com
*.ui.cs7777.vk.com
vksport.m.vkvideo.cs7777.vk.com
*.vksport.m.vkvideo.cs7777.vk.com
*.vksport.vkvideo.cs7777.vk.com
*.vkvideo.cs7777.vk.com
*.admin.cs7777.vk.ru
*.api.cs7777.vk.ru
*.away.cs7777.vk.ru
cs7777.vk.ru
*.cs7777.vk.ru
*.dev.cs7777.vk.ru
*.id.cs7777.vk.ru
*.login.cs7777.vk.ru
*.m.cs7777.vk.ru
*.m.vkvideo.cs7777.vk.ru
*.me.cs7777.vk.ru
*.ms.cs7777.vk.ru
*.oauth.cs7777.vk.ru
*.ui.cs7777.vk.ru
*.vkvideo.cs7777.vk.ru
vktickets.com
*.vktickets.com
Other domains in certificate